I guess we can close that, right?
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Nov 6 2018
Released: https://lists.gnupg.org/pipermail/gnupg-announce/2018q4/000432.html
- gpgsm: Fix CRL loading when intermediate certicates are not yet trusted.
- gpgsm: Fix an error message about the digest algo. [T4219]
- gpg: Fix a wrong warning due to new sign usage check introduced with 2.2.9. [T4014]
- gpg: Print the "data source" even for an unsuccessful keyserver query.
- gpg: Do not store the TOFU trust model in the trustdb. This allows to enable or disable a TOFU model without triggering a trustdb rebuild. [T4134]
- scd: Fix cases of "Bad PIN" after using "forcesig". [T4177]
- agent: Fix possible hang in the ssh handler. [T4221]
- dirmngr: Tack the unmodified mail address to a WKD request. See commit a2bd4a64e5b057f291a60a9499f881dd47745e2f for details.
- dirmngr: Tweak diagnostic about missing LDAP server file.
- dirmngr: In verbose mode print the OCSP responder id.
- dirmngr: Fix parsing of the LDAP port. [T4230]
- wks: Add option --directory/-C to the server. Always build the server on Unix systems.
- wks: Add option --with-colons to the client. Support sites which use the policy file instead of the submission-address file.
- Fix EBADF when gpg et al. are called by broken CGI scripts.
- Fix some minor memory leaks and bugs.
Nov 5 2018
Looking at the GPGME code the ERROR stati don't matter because they are only used to return a better error code in case an operation failed. The specific ones are not even recognized.
No info received.
No more complaints thus time to close.
Fixed in master and 2.2.
I consider this bug to be solved.
Nov 2 2018
Thanks for the report.
The T4237 fix should also fix this one.
Nov 1 2018
Oct 31 2018
The explicit check for a valid FD (in select) I mentioned above is commit 8173c4f1f8a145c4b1d454f6f05e26950e23d675
Oct 30 2018
Oct 29 2018
We need more testing.
We had this idea to have a label: or similar item in the extended-key-format which is displayed in addition to the other info. The user can then use an editor to put whatever she likes into this field.
It actually tries several servers but we need to set a limit because we need to cope with longer timeouts. Do you suggest to toggle between v4 and v6 addresses? That is if a v6 address fails, first try the next v4 address and it that fails, another v6 address, etc.
I don't see a problem. If you have the private key you can and will use it. I guess your concern is an oracle?
Oct 27 2018
Thanks.
Oct 26 2018
Fixed in master and 1.8.
@dkg: Thanks for the comments and your patience to convince me.
The next step is to release libgcrypt 1.8.4 :-)
Actually we plan to provide a more convenient way to perform the DH operation. See for example P7 for the non-elegant way which is required today.
Fixed in master and 1.8 by detecting a fork and re-opening the devices
Fixed in master and 2.2
Oct 25 2018
Oh, that is really old code dating back to dirmngr-1. There is only one user I will see whether I can replace it with the generic parser we have in http.c
Now that is funny c+p code. I vaporized it to just a few lines.
It seems that this part of the code was not finished. Unfortunately upstream of the dns code is unresponsive and thus we started to maintain the code base by ourselves. There is still an open question whether we should do that to the full extend, in which case we would integrate the code closer into the GnuPG framework with its own logging subsystems.